Akihiro Suda
09900f32dc
Merge pull request #1382 from tonistiigi/cache-loop
...
solver: avoid recursive loop on cache-export
2020-03-03 18:37:49 +09:00
Tõnis Tiigi
f1ecc7824e
Merge pull request #1384 from AkihiroSuda/fuse-overlayfs
...
rootless: support fuse-overlayfs
2020-03-02 22:38:45 -08:00
Tonis Tiigi
09e8a06c04
client: improve cache key loop test
...
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2020-03-02 22:35:59 -08:00
Anca Iordache
8c65b5bbd5
Tests build with local cache export
...
- to detect infinite loop caused by circular dependencies
Signed-off-by: Anca Iordache <anca.iordache@docker.com>
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2020-03-02 22:35:59 -08:00
Tonis Tiigi
0010996598
solver: avoid recursive loop on cache-export
...
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2020-03-02 22:35:59 -08:00
Akihiro Suda
9f90f5a985
rootless: support fuse-overlayfs
...
While real overlayfs is available only in Ubuntu and Debian kernels,
fuse-overlayfs is universally available for kernel >= 4.18.
For dockerized deployment, `--device /dev/fuse` needs to be added to
`docker run` flags.
Kubernetes deployment needs a custom device plugin that enables
`/dev/fuse`, e.g. https://github.com/honkiko/k8s-hostdev-plugin
Instead of a device plugin, the device can be also enabled by setting
`securityContext.privileged` to `true`.
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2020-03-03 11:30:29 +09:00
Tõnis Tiigi
4d8d91bf49
Merge pull request #1379 from AkihiroSuda/update-containerd-20200225
...
vendor: update containerd (and various packages)
2020-02-27 21:06:18 -08:00
Akihiro Suda
7b579cdb98
vendor: update containerd (and various packages)
...
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2020-02-28 10:24:10 +09:00
Akihiro Suda
b55d2ff985
Merge pull request #1381 from tonistiigi/platforms-detect
...
update supported platforms without restart
2020-02-28 01:16:11 +09:00
Tonis Tiigi
d1458a6587
update supported platforms without restart
...
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2020-02-26 08:15:42 -08:00
Akihiro Suda
bb2f21b233
Merge pull request #1376 from tonistiigi/go-113-support
...
update to go1.13
2020-02-25 10:59:58 +09:00
Tonis Tiigi
a60ecfa4ae
vendor: restore dependency versions
...
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2020-02-24 17:31:01 -08:00
Zach Badgett
1efe7b145d
Fix docker dependencies
...
Signed-off-by: Zach Badgett <zach.badgett@gmail.com>
2020-02-24 15:47:32 -08:00
Zach Badgett
820200aa1d
Fix go.mod to be compatible with go1.13
...
Signed-off-by: Zach Badgett <zach.badgett@gmail.com>
2020-02-24 15:44:11 -08:00
Tõnis Tiigi
d75ed2b682
Merge pull request #1361 from hinshun/frontend-inputs
...
Implement CapFrontendInput to pass llb.States to frontends
2020-02-24 14:55:49 -08:00
Edgar Lee
5ec7bc7713
Change FrontendInputs in backend API definitions to *pb.Definition
...
Signed-off-by: Edgar Lee <edgarl@netflix.com>
2020-02-24 14:38:01 -08:00
Edgar Lee
b027a8572d
Fix terminating op with non-zero output index, i.e. AddMount as final vertex
...
Signed-off-by: Edgar Lee <edgarl@netflix.com>
2020-02-24 14:38:01 -08:00
Edgar Lee
7e0f923181
Implement CapFrontendInput to pass llb.States to frontends
...
Signed-off-by: Edgar Lee <edgarl@netflix.com>
2020-02-24 14:38:01 -08:00
Tõnis Tiigi
ae04ab49c4
Merge pull request #1375 from hinshun/non-refarray
...
Change wire format from ref arrays to singular refs while maintaining backwards compatibility
2020-02-24 14:32:22 -08:00
Edgar Lee
635e7f0ce0
Change wire format from ref arrays to singular refs while maintaining backwards compatibility
...
Signed-off-by: Edgar Lee <edgarl@netflix.com>
2020-02-21 13:58:28 -08:00
Tõnis Tiigi
332cdb5e25
Merge pull request #1355 from tonistiigi/mounts-deadlock
...
ops: fix deadlock on releasing shared mounts
2020-02-21 10:34:57 -08:00
Tibor Vass
adde225dcb
Merge pull request #1180 from Code0x58/expand-expansion
...
Expand shell variable expansion - add mandatory variables
2020-02-20 17:26:06 -08:00
Tõnis Tiigi
89978e7069
Merge pull request #1370 from thaJeztah/bump_crypto
...
vendor: golang.org/x/crypto v0.0.0-20200214034016-1d94cc7ab1c6
2020-02-19 10:16:01 -08:00
Sebastiaan van Stijn
b1b5f2e626
vendor: golang.org/x/crypto v0.0.0-20200214034016-1d94cc7ab1c6
...
full diff: c2843e01d9...1d94cc7ab1
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-02-19 13:01:06 +01:00
Akihiro Suda
2f5ad30ae5
Merge pull request #1351 from tonistiigi/security-devices
...
mount whitelist of devices on insecure security mode
2020-02-14 16:52:26 +09:00
Akihiro Suda
3c53f48f22
Merge pull request #1365 from tonistiigi/base-upt
...
dockerfile: update static base images
2020-02-13 15:52:11 +09:00
Tonis Tiigi
eccae3e469
dockerfile: update static base images
...
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2020-02-12 22:02:10 -08:00
Akihiro Suda
b5fb8c4428
Merge pull request #1356 from tonistiigi/lazy-results
...
solver: evaluate solve results lazily
2020-02-10 00:15:43 +09:00
Tonis Tiigi
b0e76973ee
solver: use correct context for getting cache managers lazily
...
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2020-02-06 15:11:49 -08:00
Tibor Vass
0b130cca04
Merge pull request #1357 from AkihiroSuda/add-hinshun-maintainers
...
MAINTAINERS: add @hinshun
2020-02-06 12:16:02 -08:00
Akihiro Suda
9d2a0d318b
MAINTAINERS: add @hinshun
...
@hinshun has been a very valuable contributor to the project,
especially for the solver component.
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2020-02-07 04:40:21 +09:00
Tonis Tiigi
8cfe2de889
solver: evaluate solve results lazily
...
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2020-02-05 15:29:43 -08:00
Tonis Tiigi
b2fffc20d3
ops: add tests for shared and locked cache mounts
...
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2020-02-03 18:48:02 -08:00
Tonis Tiigi
6d907b6893
ops: fix deadlock on releasing shared mounts
...
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2020-02-03 18:47:42 -08:00
Tonis Tiigi
bf2dc85f80
ops: refactor cache mounts to have unit tests
...
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2020-02-03 15:00:22 -08:00
Tibor Vass
98ce74b987
Merge pull request #1352 from tonistiigi/windows-build-fix
...
file: fix compilation on windows
2020-01-30 20:49:19 -08:00
Tonis Tiigi
e0e29722e2
file: fix compilation on windows
...
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2020-01-30 20:21:40 -08:00
Tonis Tiigi
8f52339933
dockerfile: add test for whitelisted devices
...
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2020-01-30 18:43:04 -08:00
Tonis Tiigi
572a2b5718
entitlements: mount loop devices relative to next free device
...
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2020-01-30 13:47:44 -08:00
Tonis Tiigi
fc186a8b89
oci: mount whitelist of devices on insecure security mode
...
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2020-01-30 13:07:29 -08:00
Tibor Vass
fac9c1b402
Merge pull request #1342 from tonistiigi/userns-chown
...
fileop: keep correct user for parent dir on userns
2020-01-30 11:26:24 -08:00
Tõnis Tiigi
3cd32c0c25
Merge pull request #1347 from TBBle/run_hack_util_with_bash
...
Remove bashism from shared shell script
2020-01-29 10:02:02 -08:00
Tõnis Tiigi
6f4420b3c1
Merge pull request #1314 from TBBle/low_hanging_windows_fruit
...
Low-hanging Windows fruit
2020-01-29 10:01:23 -08:00
Paul "TBBle" Hampson
b9cf317850
Distinguish containerd failure from process exit code
...
Signed-off-by: Paul "TBBle" Hampson <Paul.Hampson@Pobox.com>
2020-01-30 00:39:11 +11:00
Paul "TBBle" Hampson
e11b881c12
Set sensible defaults for Windows installations
...
Non-packaged execution will need this to be overridden anyway, and it
avoids a surprise "Drop state data into the current working directory"
event.
Signed-off-by: Paul "TBBle" Hampson <Paul.Hampson@Pobox.com>
2020-01-30 00:34:44 +11:00
Paul "TBBle" Hampson
2bee17a65a
Don't always fail euid check on Windows
...
The check for running as a non-admin euid() doesn't work on Windows,
always returning -1.
For now, treat -1 as "Probably root", and let the failures happen later.
Signed-off-by: Paul "TBBle" Hampson <Paul.Hampson@Pobox.com>
2020-01-30 00:34:44 +11:00
Paul "TBBle" Hampson
e801cc8238
Recognise Runtime V2 containerd plugins
...
This makes this code successfully discover the Windows Runtime V2
(hcsshim-based) plugin now that the Windows Runtime V1 (runhcs-based)
plugin has been removed upstream.
Signed-off-by: Paul "TBBle" Hampson <Paul.Hampson@Pobox.com>
2020-01-30 00:34:44 +11:00
Paul "TBBle" Hampson
c67499de09
Create a new Error when there is no Error to wrap
...
Wrapping a `nil` error produces `nil`, which causes the calling code to
see success, and continue on with a default-created WorkerOpt, which
causes segfaults later.
Signed-off-by: Paul "TBBle" Hampson <Paul.Hampson@Pobox.com>
2020-01-30 00:34:44 +11:00
Paul "TBBle" Hampson
1036fafffa
Support npipe the same way we support Unix sockets
...
The same function used to support Unix sockets automatically supports
Named Pipes on Windows.
This makes the default configuration option for the daemon address work
correctly on Windows.
Signed-off-by: Paul "TBBle" Hampson <Paul.Hampson@Pobox.com>
2020-01-30 00:34:43 +11:00
Paul "TBBle" Hampson
539b08cd5d
Remove bashism from shared shell script
...
This file is consumed by both validate-vendor (inside an Alpine-based
Docker container where bash is not installed), and the other scripts.
Apart from validate-vendor, all the other scripts in hack/ use bash.
Fixes CI logging a complaint:
> ./hack/validate-vendor: 31: [: pull_request: unexpected operator
Signed-off-by: Paul "TBBle" Hampson <Paul.Hampson@Pobox.com>
2020-01-30 00:20:51 +11:00